package com.pro.config;

import com.pro.utils.SecurityPasswordEncoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

import javax.sql.DataSource;

@Configuration
public class SecurityWebConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                .usernameParameter("account")//设置用户名参数名
                .passwordParameter("password")//设置用户密码参数名
                .loginPage("/")//初始跳转页面
                .loginProcessingUrl("/login")//登录请求路径
                //.successForwardUrl("/user/main");
                //.successHandler(new LoginSuccessHandler("/user/main",true))//登录成功页面
                .defaultSuccessUrl("/login/login",true)
                .failureForwardUrl("/");//登录失败页面

        http.authorizeRequests()
                .antMatchers("/","/images/login6.jpg","*jpg","*.png","*.jpeg"
                        ,"/login/getVerify","login/login","login","/login/verificationcode","/layui/*").permitAll()//无需认证就能进入的页面
                .antMatchers("/**/*.css").permitAll()//放行css文件
                .antMatchers("/**/*.js").permitAll()//放行js文件

                .anyRequest().authenticated();//任何请求都必须认证才能进入

        http.logout()
                .invalidateHttpSession(true)//清空session
                .clearAuthentication(true)//清空security记录
                .logoutSuccessUrl("/")//退出登录请求
                .logoutUrl("/login//logOut");//退出登录

        /*http.rememberMe()
                .rememberMeParameter("remember-me")//记住我参数名配置
                .tokenValiditySeconds(7*24*60*60)//设置记住我有效时间，默认十四天
                .rememberMeCookieName("remember-me")//在cookie中的名字
                .tokenRepository(persistentTokenRepository)//配置用户登录标记的持久化工具对象
                .userDetailsService(userDetailsService);//配置自定义userDetailsService接口实现类对象*/

        //设置页面中iframe可以访问
        http.headers().frameOptions().sameOrigin();

        //关闭csrf安全协议
        http.csrf().disable();
    }

   /*
    @Autowired
    private PersistentTokenRepository persistentTokenRepository;

    @Autowired
    private UserDetailsService userDetailsService;
    */

    /**
     * 持久化登录标记的登录
     * @return
     */
    /*@Bean
    public PersistentTokenRepository persistentTokenRepository(DataSource dataSource){
        JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
        jdbcTokenRepository.setDataSource(dataSource);
        //执行创建sql语句
        jdbcTokenRepository.setCreateTableOnStartup(true);
        return jdbcTokenRepository;
    }*/

    /**
     * 注入加密方式
     * @return
     */
    @Bean
    public PasswordEncoder passwordEncoder(){
        //注入加密
        return new SecurityPasswordEncoder();
    }
}
